When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?
A. Testing phase
B. Development phase
C. Requirements definition phase
D. Operations and maintenance phase
2 Comments on “When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?”
trenssays:
Why is it not D?
0
0
Somebodysays:
This a good example where several answer may be good, but only one is the BEST (as requested in the question: “MOST beneficial”.
– D: Imagine a poorly designed and poorly implemented software with more holes than swiss-cheese, now turn to the security team and ask them to ensure it is operated and maintained following highest security standards… I would not like to be on of them :/ …
– C: Security team are involved right from the beginning, explaining what threats the application may face and what mitigation measures should be therefore adopted. The result will be a lot cleaner 🙂 !
Why is it not D?
0
0
This a good example where several answer may be good, but only one is the BEST (as requested in the question: “MOST beneficial”.
– D: Imagine a poorly designed and poorly implemented software with more holes than swiss-cheese, now turn to the security team and ask them to ensure it is operated and maintained following highest security standards… I would not like to be on of them :/ …
– C: Security team are involved right from the beginning, explaining what threats the application may face and what mitigation measures should be therefore adopted. The result will be a lot cleaner 🙂 !
0
0